Sr. Product Security Engineer
Listed on 2026-07-09
-
Security
Cybersecurity
Job Overview
Medtronic Cardiac Ablation Solutions (CAS) is seeking a Senior Product Security Engineer to join our R&D organization and help secure cardiac ablation medical device solutions. This role focuses on cybersecurity for medical devices and embedded systems. It is not an IT security, compliance, or GRC-focused position.
Responsibilities include securing real‑time systems, embedded firmware, connected devices, and other product security contexts.
A Day in the LifeAt Medtronic, we bring bold ideas forward with speed and decisiveness. In‑person exchanges are invaluable; the role requires a minimum of 4 days a week onsite to foster collaboration and professional growth.
Primary Responsibilities- Implement security requirements across the medical device development lifecycle by partnering with cross‑functional teams and applying best practices from design through deployment.
- Conduct threat modeling and vulnerability assessments to identify, prioritize, and help mitigate security risks throughout the product lifecycle.
- Support the design and delivery of secure medical devices through implementation of secure boot, secure communications, data protection, software update mechanisms, system integration protections, and access controls.
- Apply medical device cybersecurity standards and guidance, including NIST, OWASP, and IEC 81001-5-1, and partner with development teams to strengthen security practices.
- Stay current on cybersecurity trends affecting medical devices and health software, share best practices, and help advance long‑term product security strategy.
- Bachelor's degree and a minimum of 4 years of relevant experience.
- Master’s degree with a minimum of 2 years of relevant experience.
- PhD with 0 years of relevant experience.
- For Baccalaureate degrees earned outside the United States, a degree that satisfies the requirements of 8 C.F.R. §214.2(h)(4)(iii)(A) is required.
- Experience in embedded device security within a regulated industry.
- Strong understanding of cybersecurity concepts and frameworks such as NIST and OWASP.
- Working knowledge of secure software development lifecycle principles and security‑by‑design practices.
- Experience collaborating with engineering teams to identify and address product security risks.
- Familiarity with medical device cybersecurity standards and guidance, including IEC 81001-5-1, ISO 14971, and FDA pre‑market and post‑market cybersecurity guidance.
- Experience supporting FDA and other regulatory cybersecurity submissions.
- Experience with connected healthcare systems or cloud‑connected medical devices.
- Security certifications such as CompTIA Security+, CISSP, or similar.
Job Requirements
The above statements describe the general nature and level of work performed by employees assigned to this position and are not exhaustive. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. Employees are required to be independently mobile, interact with a computer, and communicate with peers and co‑workers.
U.S. Work Authorization & SponsorshipU.S. work authorization sponsorship (H‑1B, TN, J, etc.) is offered exclusively for Principal‑level roles and above. Roles below the Principal level require candidates to possess unrestricted U.S. work authorization at the time of hire and for the duration of employment.
Benefits & CompensationSalary for U.S. (ex PR) locations: $ – $ USD.
The position is eligible for a short‑term incentive called the Medtronic Incentive Plan (MIP).
Benefits available to employees working 20+ hours per week include health, dental, vision insurance, health savings account, healthcare flexible spending account, life insurance, long‑term disability leave, dependent daycare spending account, tuition assistance/reimbursement, and the global well‑being program.
All regular employees are eligible for incentive plans, 401(k) with employer match, short‑term disability, paid time off, paid holidays, employee stock purchase plan, employee assistance program, non‑qualified retirement plan supplement, and capital accumulation plan for eligible levels.
Temporary employees may be eligible for paid sick time and the employee stock purchase plan.
EEO StatementMedtronic provides equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sexual orientation, gender identity, or other protected characteristic. Medtronic will provide reasonable accommodations for qualified individuals with disabilities.
#J-18808-Ljbffr(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).